/*************************************************************
 * File: User.java
 * Copyright (c) 2012
 * Author: Huang Shaobin
 * Email: Shaobin.Software@gmail.com Shaobin_Software@163.com 
 * Date: Feb 20, 2013
 * Description: 
 ************************************************************/

package snow.biz.system.model;

import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Map;
import java.util.Set;

import org.apache.commons.collections.MapUtils;
import org.apache.commons.lang.StringUtils;

import snow.biz.basic.model.Persistence;
import snow.biz.security.model.Privilege;
import snow.biz.security.model.Role;
import snow.core.enums.Status;
import snow.core.exceptions.BusinessException;
import snow.core.security.Permission;
import snow.core.security.Principal;
import snow.core.toolkit.Validator;
import snow.core.toolkit.security.Cryptogram;

/**
 * 系统用户
 * 
 * @author Shaobin.Software@gmail.com Shaobin_Software@163.com
 * @version 1.0
 */
@SuppressWarnings("serial")
public class User extends Persistence<Integer> implements Principal {

	private String loginName; // 登录账号
	private String loginPass; // 登录密码
	private Map<Role, Persistence<Integer>> roles; // 持有角色

	protected User() {
	}

	public User(User createUser, Status status, String loginName, String loginPass, Set<Role> roles) throws BusinessException {
		super(createUser, status);
		Validator.notBlank(loginName, "200105", "failure.system.user.login.name.blank");
		Validator.notEmpty(roles, "200107", "failure.system.user.roles.empty");
		this.loginName = loginName.trim();
		setLoginPass(StringUtils.trim(loginPass));
		this.roles = new HashMap<Role, Persistence<Integer>>();
		for (final Role role : roles) {
			if (role != null) {
				this.roles.put(role, new Persistence<Integer>(createUser, status));
			}
		}
	}

	public User(User createUser, String loginName, String loginPass, Set<Role> roles) throws BusinessException {
		this(createUser, Status.FAILURE, loginName, loginPass, roles);
	}

	public String getLoginName() {
		return this.loginName;
	}

	public String getLoginPass() {
		return this.loginPass;
	}

	public Set<Privilege> getPrivileges() {
		Set<Privilege> privileges = Collections.emptySet();
		if (MapUtils.isNotEmpty(this.roles)) {
			final Set<Role> roles = this.roles.keySet();
			privileges = new HashSet<Privilege>();
			for (final Role role : roles) {
				privileges.addAll(role.getPrivileges());
			}
		}
		return privileges;
	}

	public Set<Role> getRoles() {
		return Collections.unmodifiableSet(this.roles.keySet());
	}

	public boolean hasPermission(Permission permission) {
		if (permission instanceof Privilege) {
			Privilege privilege = (Privilege) permission;
			Set<Role> roles = this.roles.keySet();
			for (final Role role : roles) {
				if (role != null && role.contains(privilege)) {
					return true;
				}
			}
		}
		return false;
	}

	public void setLoginName(String loginName) {
	}

	public void setLoginPass(String loginPass) throws BusinessException {
		Validator.notBlank(loginName, "200106", "failure.system.user.login.pass.blank");
		this.loginPass = Cryptogram.encodeBySHA(StringUtils.trim(loginPass));
	}
}
